China Hacks Email Systems of US Congressional Committee Staff in Major Cyber Espionage Incident

China has reportedly compromised the email systems used by staffers on several influential committees of the United States House of Representatives, according to a Financial Times report. The intrusion is believed to be part of a broader, long-running cyber espionage campaign known as “Salt Typhoon,” linked to China’s Ministry of State Security and aimed at intercepting sensitive communications within the US legislative branch.

Scope of the Intrusion

According to people familiar with the matter, attackers accessed email systems used by staff on powerful Congressional committees, including the House China committee, foreign affairs committee, intelligence committee, and armed services committee. The breaches were detected in December and are part of an extensive offensive targeting US political communications.

While it is unclear whether lawmakers’ personal email accounts were accessed, the systems used by their supporting staff were compromised. These systems often handle confidential correspondence, policy briefings, legislative drafts, and coordination on national security matters, making them a high-value target for foreign espionage.

Salt Typhoon Cyber Espionage Campaign

The intrusion forms part of the Salt Typhoon operation, a cyber espionage initiative attributed to China’s Ministry of State Security. Salt Typhoon has been linked to large-scale interception of communications, including unencrypted phone calls, texts, voicemails, and other digital correspondence of US officials and civilians. The campaign is considered among the most sophisticated and persistent Chinese cyber operations targeting the United States.

Salt Typhoon’s activities are believed to span several years and extend across numerous sectors, reinforcing concerns that Chinese intelligence is seeking strategic insights into US policy priorities and diplomatic planning by penetrating communication networks at multiple levels.

National Security and Legislative Impact

The compromise of committee staff email systems raises critical national security issues. Committees responsible for shaping foreign policy, intelligence oversight, defense policy, and relations with China rely on secure communication to make informed decisions. Exposure of such internal correspondence may give foreign intelligence services insight into US legislative strategies and deliberations.

Senior US officials have long warned that exploitable vulnerabilities in email infrastructure and telecommunications networks make government communications susceptible to foreign interception. Salt Typhoon is cited as a key example of the risks posed by state-level cyber threats that combine technical exploitation with strategic intelligence goals.

Government and Diplomatic Responses

Officials within the White House have not immediately issued a public response regarding the specific incident as reported by the Financial Times. Traditional diplomatic channels have been used in the past to protest alleged state-sponsored cyber intrusions, though at this stage there has been no formal public accusation by US authorities tied directly to this particular breach.

Beijing has denied involvement in the alleged hacks, dismissing claims of cyber espionage as unfounded and politically motivated. These denials are consistent with past responses to allegations of state-linked cyberattacks, in which Chinese officials emphasise cooperation and respect for international norms.

Broader Cybersecurity Implications

The apparent breach highlights the persistent threat of advanced cyber operations targeting government institutions. Cybersecurity experts point out that email systems, particularly those lacking robust end-to-end encryption and modern security controls, remain attractive vectors for intelligence operations. The incident underscores the need for improved defensive measures within government IT infrastructures, including stronger authentication, continuous monitoring and rapid incident response capabilities.

The timing of the breach, amid ongoing strategic competition between the United States and China, adds urgency to broader discussions about critical infrastructure resilience and interagency cybersecurity cooperation. Lawmakers from both political parties have called for assessments of federal email security practices and greater investment in protective technologies to mitigate foreign cyber threats.